Description Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE. References https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin For More Information CVERecord
Securing Seamless Traffic Distribution on E-commerce Websites In today’s digital landscape, e-commerce websites are essential to connecting businesses with consumers.
Description A vulnerability was found in Tenda AC8 16.03.34.06_cn_TDC01. It has been declared as critical. Affected by this vulnerability is
Description Apache Airflow SMTP Provider before 1.3.0, Apache Airflow IMAP Provider before 3.3.0, and Apache Airflow before 2.7.0 are affected
Description Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’), Out-of-bounds Write, Download of Code Without Integrity Check vulnerability
Prophaze’s Prevention of Attacks on the Government Industry It is crucial for government agencies that depend on digital infrastructure to
Description Due to improper input validation, a remote attacker could execute arbitrary commands on the target system. References https://csirt.divd.nl/CVE-2023-25915 https://csirt.divd.nl/DIVD-2023-00025
Description N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a hardcoded root password which allows attackers to login
Description Puma is a Ruby/Rack web server built for parallelism. Prior to versions 6.3.1 and 5.6.7, puma exhibited incorrect behavior
Description Dispatch is an open source security incident management tool. The server response includes the JWT Secret Key used for
Description IBM Security Guardium 10.6, 11.3, 11.4, and 11.5 could allow a remote authenticated attacker to execute arbitrary commands on
Description Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web GUI.
Lack of resources and rate limiting are security vulnerabilities that occur when an API does not have enough resources to
Description A non-feature complete authentication mechanism exists in the production application allowing an attacker to bypass all authentication checks if
Excessive data exposure is a security vulnerability that occurs when an application exposes more data than is necessary to users
Description XXE injection in /rtc/post/ endpoint in OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms is vulnerable
Attacks on Application Programming Interfaces (APIs) have become significant cybersecurity challenges in today’s digital landscape. Bot attacks on APIs involve
Bots have become a dominant force on the internet, with both positive and negative consequences. While some bots contribute to
Description Uncontrolled search path for the Intel(R) AI Hackathon software before version 2.0.0 may allow an unauthenticated user to potentially
Description Parcel mismatch in AuthenticationConfig prior to SMR Aug-2023 Release 1 allows local attacker to privilege escalation. References https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=08 For
Description Improper neutralization of special elements in Zoom Desktop Client for Windows and Zoom VDI Client before 5.15.2 may allow
Description SAP PowerDesigner – version 16.7, has improper access control which might allow an unauthenticated attacker to run arbitrary queries
Description A vulnerability classified as critical was found in SourceCodester Free Hospital Management System for Small Practices 1.0. Affected by
Description LinuxASMCallGraph is software for drawing the call graph of the programming code. Linux ASMCallGraph before commit 20dba06bd1a3cf260612d4f21547c25002121cd5 allows attackers